Re: [PHP] Regex validation
After ceo posted about the imap function I was eager to try it out
and got rather disappointed pretty soon.
imap_rfc822_parse_adrlist() should not be used for email validation!
EXAMPLE:
?php
var_dump(imap_rfc822_parse_adrlist('! # $ % * + - / = ? ^ _ ` { |
} ~', ''));
?
The above code will output:
array(1) {
[0]=
object(stdClass)(2) {
[mailbox]=
string(36) ! # $ % * + - / = ? ^ _ ` { | } ~
[host]=
string(0)
}
}
Although
! # $ % * + - / = ? ^ _ ` { | } ~@example.com
would be a valid email address!
Without the '@example.com' it is not.
Have a look at the user comments at [1], where one user has further examples.
[1] http://us.php.net/manual/en/function.imap-rfc822-parse-adrlist.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
var_dump(imap_rfc822_parse_adrlist('! # $ % * + - / = ? ^ _ ` { | } ~',
''));
This looks like a valid localhost email address to me...
What's wrong with it?
:-v
You may want to check that host is non-empty, if you do not expect any
localhost users, and fail on that condition, however.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
ceo wrote:
var_dump(imap_rfc822_parse_adrlist('! # $ % * + - / = ? ^ _ ` { | } ~',
''));
This looks like a valid localhost email address to me...
It surely is a valid localhost email address, but what most people
(and the OP) usually need is to validate a full email string with a
local and a domain part.
What should be valid email addresses according to RFC 2822 [1]:
!#$%*+-/=?^_`{|[EMAIL PROTECTED]
@@example.com
Not valid email addresses:
\@example.com
@@example.com
- [EMAIL PROTECTED]
Valid email addresses according to the Multipurpose Internet Mail
Extension (MIME) [2]:
[EMAIL PROTECTED]
[EMAIL PROTECTED]
So for people who got to write code that also works on PHP4 it is not
very easy to validate an email address.
Even nice regex attempts like [3] fail since more and more mail
servers support the MIME hieroglyphs.
That's why I was pretty excited about imap_rfc822_parse_adrlist(),
since it runs in PHP4 if installed.
Which clearly is no substitute for the PHP5+ filter functions [4].
If it's just my brain farting and there actually then tell me.
[1] http://www.faqs.org/rfcs/rfc2822.html
[2] http://en.wikipedia.org/wiki/MIME
[3] http://www.addedbytes.com/php/email-address-validation/
[4] http://in.php.net/filter
Re: [PHP] Regex validation
On Tue, Oct 28, 2008 at 8:57 PM, VamVan [EMAIL PROTECTED] wrote: SSO process: $_POST the Email Address and password Get Authenticated, Get the COOKIE ( Through Oracle IDM suite SOAP call) Decrypt the COOKIE ( Through Oracle Enterprise business suite SOAP call) and get the profile Info Thats what happens now. But there is a glitch in the decryption algorithm we currently have. And when we decrypt + or some thing else comes with funny characters and does not authenticate. So I need to restrict them for now. When the algorithm gets corrected then I will use standard RFC. Are they not base64 encoded? I have had issues in decrypting elements that were not base64 encoded as some characters would end up mimicing EOL or otherwise dropping data -- Bastien Cat, the other other white meat
Re: [PHP] Regex validation
When it comes to email validation, I would recommend using the IMAP function which will be both fast and correct: http://us.php.net/manual/en/function.imap-rfc822-parse-adrlist.php Otherwise, it's guaranteed that you are having at least some false positives, and probably some false negatives. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
On Wed, Oct 29, 2008 at 5:36 AM, [EMAIL PROTECTED] wrote: When it comes to email validation, I would recommend using the IMAP function which will be both fast and correct: http://us.php.net/manual/en/function.imap-rfc822-parse-adrlist.php Otherwise, it's guaranteed that you are having at least some false positives, and probably some false negatives. Didn't know about those IMAP functions. And they even work in PHP4. Thanks for telling. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Regex validation
Hello Team of Nerds,
I need help in writing a regular expression for this:
invalid character set is:
INVALID_STRING={/,*,+,(,),'\',:,;,~,..,.@,@.};
I want to a pregmatch for these characters on my whole email address and if
match is found I need to return false.
Thank you
Re: [PHP] Regex validation
On Tue, Oct 28, 2008 at 4:10 PM, VamVan [EMAIL PROTECTED] wrote:
Hello Team of Nerds,
I need help in writing a regular expression for this:
invalid character set is:
INVALID_STRING={/,*,+,(,),'\',:,;,~,..,.@,@.};
Then you need to STFW and RTFM. PHP uses Perl-style regexp's, by the way.
The best place to start, in my opinion, and a site you should
bookmark, is Jan Goyvaerts'[1] site. He's done a fantastic job for
people of varying degrees of /regexpertise/:
http://www.regular-expressions.info/
1: [MEDIA] http://www.just-great-software.com/special/JanGoyvaerts.wav
--
/Daniel P. Brown
http://www.parasane.net/ [New Look]
[EMAIL PROTECTED] || [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
Hello Team of Nerds,
Not the best way to start your request for help.
I need help in writing a regular expression for this:
invalid character set is:
INVALID_STRING={/,*,+,(,),'\',:,;,~,..,.@,@.};
I want to a pregmatch for these characters on my whole email address and if
match is found I need to return false.
Based on what you've said, you might not need a regex, there may well
be an str* function that you can use. Maybe strpos().
--
Richard Heyes
HTML5 Graphing for FF, Chrome, Opera and Safari:
http://www.rgraph.org (Updated October 25th)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
VamVan wrote:
Hello Team of Nerds,
I need help in writing a regular expression for this:
invalid character set is:
INVALID_STRING={/,*,+,(,),'\',:,;,~,..,.@,@.};
I want to a pregmatch for these characters on my whole email address and if
match is found I need to return false.
Thank you
If your trying to filter E-Mail addresses, then filter_var is what you
should use:
http://php.net/filter_var
Thank you,
Micah Gersten
onShore Networks
Internal Developer
http://www.onshore.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Regex validation
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Richard Heyes
Sent: Tuesday, October 28, 2008 4:30 PM
To: VamVan
Cc: php List
Subject: Re: [PHP] Regex validation
Hello Team of Nerds,
Not the best way to start your request for help.
I need help in writing a regular expression for this:
invalid character set is:
INVALID_STRING={/,*,+,(,),'\',:,;,~,..,
.@,@.};
I want to a pregmatch for these characters on my whole email address
and if
match is found I need to return false.
Based on what you've said, you might not need a regex, there may well
be an str* function that you can use. Maybe strpos().
I thought so at first, but it appears the final 3 array members of
INVALID_STRING are two characters wide. That could, of course, be
handled with a different algorithm from the other, one-character
members.
Todd Boyd
Web Programmer
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
If your trying to filter E-Mail addresses, then filter_var is what you should use: http://php.net/filter_var If the OP (original poster) got PHP5+ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
Good to know filter_var() exists in PHP5 Unless you have PHP5 you better validate the string in the way of checking if it is fit's to your allowed characters and not checking if it contains the NOT allowed charaters. You better use: [a-z0-9A-Z\_\.]+ instead of [^\)\(\*\[EMAIL PROTECTED] and I haven't started yet with the weirdy ones HTH, Nitsan On Wed, Oct 29, 2008 at 12:10 AM, Yeti [EMAIL PROTECTED] wrote: If your trying to filter E-Mail addresses, then filter_var is what you should use: http://php.net/filter_var If the OP (original poster) got PHP5+ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
Thank Guys,
I at least got part of it working , not the double words but almost
everything else than that:
function _email_validate($mail_address){
$invalid_charset_pattern = [(*+?)|~:;{}/ ];
if(ereg($invalid_charset_pattern, $mail_address)){
return false;
}else{
return true;
}
}
Thanks for the inputs
On Tue, Oct 28, 2008 at 3:31 PM, Nitsan Bin-Nun [EMAIL PROTECTED] wrote:
Good to know filter_var() exists in PHP5
Unless you have PHP5 you better validate the string in the way of checking
if it is fit's to your allowed characters and not checking if it contains
the NOT allowed charaters.
You better use: [a-z0-9A-Z\_\.]+ instead of [^\)\(\*\[EMAIL PROTECTED] and
I
haven't started yet with the weirdy ones
HTH,
Nitsan
On Wed, Oct 29, 2008 at 12:10 AM, Yeti [EMAIL PROTECTED] wrote:
If your trying to filter E-Mail addresses, then filter_var is what you
should use:
http://php.net/filter_var
If the OP (original poster) got PHP5+
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
Keep in mind that ereg will disappear with PHP 6. You might want to use
the preg functions:
http://www.making-the-web.com/2007/09/21/becoming-php-6-compatible/
Thank you,
Micah Gersten
onShore Networks
Internal Developer
http://www.onshore.com
VamVan wrote:
Thank Guys,
I at least got part of it working , not the double words but almost
everything else than that:
function _email_validate($mail_address){
$invalid_charset_pattern = [(*+?)|~:;{}/ ];
if(ereg($invalid_charset_pattern, $mail_address)){
return false;
}else{
return true;
}
}
Thanks for the inputs
On Tue, Oct 28, 2008 at 3:31 PM, Nitsan Bin-Nun [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
Good to know filter_var() exists in PHP5
Unless you have PHP5 you better validate the string in the way of
checking
if it is fit's to your allowed characters and not checking if it
contains
the NOT allowed charaters.
You better use: [a-z0-9A-Z\_\.]+ instead of
[^\)\(\*\[EMAIL PROTECTED] and I
haven't started yet with the weirdy ones
HTH,
Nitsan
On Wed, Oct 29, 2008 at 12:10 AM, Yeti [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
If your trying to filter E-Mail addresses, then filter_var is
what you
should use:
http://php.net/filter_var
If the OP (original poster) got PHP5+
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
On Tue, 2008-10-28 at 18:07 -0500, Micah Gersten wrote:
Keep in mind that ereg will disappear with PHP 6. You might want to use
the preg functions:
http://www.making-the-web.com/2007/09/21/becoming-php-6-compatible/
Thank you,
Micah Gersten
onShore Networks
Internal Developer
http://www.onshore.com
VamVan wrote:
Thank Guys,
I at least got part of it working , not the double words but almost
everything else than that:
function _email_validate($mail_address){
$invalid_charset_pattern = [(*+?)|~:;{}/ ];
if(ereg($invalid_charset_pattern, $mail_address)){
return false;
}else{
return true;
}
}
Thanks for the inputs
On Tue, Oct 28, 2008 at 3:31 PM, Nitsan Bin-Nun [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
Good to know filter_var() exists in PHP5
Unless you have PHP5 you better validate the string in the way of
checking
if it is fit's to your allowed characters and not checking if it
contains
the NOT allowed charaters.
You better use: [a-z0-9A-Z\_\.]+ instead of
[^\)\(\*\[EMAIL PROTECTED] and I
haven't started yet with the weirdy ones
HTH,
Nitsan
On Wed, Oct 29, 2008 at 12:10 AM, Yeti [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
If your trying to filter E-Mail addresses, then filter_var is
what you
should use:
http://php.net/filter_var
If the OP (original poster) got PHP5+
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Also, according to the official spec, +, and are all valid email
address characters.
Ash
www.ashleysheridan.co.uk
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
Yeah, I understand that its allowed in RFC. But unfortunately I use SSO
layer which decrypts the Cookie to get email address.
This is where it messes up. So I have decided not to allow people to use
that as well.
Thanks
On Tue, Oct 28, 2008 at 5:10 PM, Ashley Sheridan
[EMAIL PROTECTED]wrote:
On Tue, 2008-10-28 at 18:07 -0500, Micah Gersten wrote:
Keep in mind that ereg will disappear with PHP 6. You might want to use
the preg functions:
http://www.making-the-web.com/2007/09/21/becoming-php-6-compatible/
Thank you,
Micah Gersten
onShore Networks
Internal Developer
http://www.onshore.com
VamVan wrote:
Thank Guys,
I at least got part of it working , not the double words but almost
everything else than that:
function _email_validate($mail_address){
$invalid_charset_pattern = [(*+?)|~:;{}/ ];
if(ereg($invalid_charset_pattern, $mail_address)){
return false;
}else{
return true;
}
}
Thanks for the inputs
On Tue, Oct 28, 2008 at 3:31 PM, Nitsan Bin-Nun [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
Good to know filter_var() exists in PHP5
Unless you have PHP5 you better validate the string in the way of
checking
if it is fit's to your allowed characters and not checking if it
contains
the NOT allowed charaters.
You better use: [a-z0-9A-Z\_\.]+ instead of
[^\)\(\*\[EMAIL PROTECTED] and I
haven't started yet with the weirdy ones
HTH,
Nitsan
On Wed, Oct 29, 2008 at 12:10 AM, Yeti [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
If your trying to filter E-Mail addresses, then filter_var is
what you
should use:
http://php.net/filter_var
If the OP (original poster) got PHP5+
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Also, according to the official spec, +, and are all valid email
address characters.
Ash
www.ashleysheridan.co.uk
Re: [PHP] Regex validation
VamVan a écrit : This is where it messes up. So I have decided not to allow people to use that as well. By that way, you're making a lot of ennemies on this very list :D -- Mickaël Wolff aka Lupus Michaelis http://lupusmic.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
What are you talking about with a cookie and an E-Mail address? Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com VamVan wrote: Yeah, I understand that its allowed in RFC. But unfortunately I use SSO layer which decrypts the Cookie to get email address. This is where it messes up. So I have decided not to allow people to use that as well. Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
SSO process: $_POST the Email Address and password Get Authenticated, Get the COOKIE ( Through Oracle IDM suite SOAP call) Decrypt the COOKIE ( Through Oracle Enterprise business suite SOAP call) and get the profile Info Thats what happens now. But there is a glitch in the decryption algorithm we currently have. And when we decrypt + or some thing else comes with funny characters and does not authenticate. So I need to restrict them for now. When the algorithm gets corrected then I will use standard RFC. On Tue, Oct 28, 2008 at 5:41 PM, Micah Gersten [EMAIL PROTECTED] wrote: What are you talking about with a cookie and an E-Mail address? Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com VamVan wrote: Yeah, I understand that its allowed in RFC. But unfortunately I use SSO layer which decrypts the Cookie to get email address. This is where it messes up. So I have decided not to allow people to use that as well. Thanks
Re: [PHP] Regex validation
How is anything but your webserver decrypting the $_POST data? PHP should get it after that as is. Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com VamVan wrote: SSO process: $_POST the Email Address and password Get Authenticated, Get the COOKIE ( Through Oracle IDM suite SOAP call) Decrypt the COOKIE ( Through Oracle Enterprise business suite SOAP call) and get the profile Info Thats what happens now. But there is a glitch in the decryption algorithm we currently have. And when we decrypt + or some thing else comes with funny characters and does not authenticate. So I need to restrict them for now. When the algorithm gets corrected then I will use standard RFC. On Tue, Oct 28, 2008 at 5:41 PM, Micah Gersten [EMAIL PROTECTED] wrote: What are you talking about with a cookie and an E-Mail address? Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com VamVan wrote: Yeah, I understand that its allowed in RFC. But unfortunately I use SSO layer which decrypts the Cookie to get email address. This is where it messes up. So I have decided not to allow people to use that as well. Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
